Describe your feature request
Add more ways to increase the security of your Replit account with things like 2FA with an authenticator app or SMS codes.
What problem(s) would this feature solve?
This would make it so it would be harder to compromise accounts especially if somebody does a lot of bounties and has thoughts of dollars of cycles sitting in their account.
Explain what you were trying to do when you came across the problem leading to this feature request
Nothing really. I was thinking with the new SSO here there is no more 2FA like it was before with more vanilla discourse and now there is none directly in Replit.
Wouldn’t 2FA be useless without having every destructive action need 2FA? Currently deleting an account doesn’t need 2FA, for example. (It doesn’t require any authentication at all as far as I know)
You’re right - it doesn’t require auth. My point was just to help with logging in. Nothing you can do about anything else.
It is really stupid. YouTube also doesn’t require auth for lots of things they should (like unlisting videos, deleting them, streaming, etc) which leads to a lot of the scam channels that have been hacked or had the browser session stolen. Same on lots of websites unfortunately.